<?php
require_once (dirname(__FILE__) . "/../../config.php");
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$service = "smartrouting";
$mac = $_REQUEST['mac'];
if(!isset($_REQUEST['mac'])){
	if ($username == "" || $password == "") {
		$error_message = "<error>用户名或密码不能为空!</error>\n";
		outPutXml($error_message);
	}
	if ($service == "") {
		$error_message = "<error>服务不能为空!</error>\n";
		outPutXml($error_message);
	}
}
$service_id = checkService($service);
//获取用户判断mac是否存在，存在的话用另外一种查法！
if(isset($_REQUEST['mac'])){
	$row= checkMac($mac);
	if($row['equipment_id'] == ""){
		$error_message = "<error>设备不存在!</error>\n";
		outPutXml($error_message);
	}
	if($row['updater'] == ""){
			$error_message = "<error>没有为此设备分配用户!</error>\n";
			outPutXml($error_message);
	}
	if($row['service_id'] == ""){
		$error_message = "<error>服务ID不存在!</error>\n";
		outPutXml($error_message);
	}
	$user_id=$row['updater'];
	} else {
		$user_id = checkLogin ( $username, $password );
	}
	if ($user_id == "") {
		$error_message = "<error>用户名或密码有误!</error>\n";
		outPutXml($error_message);
	}
	$user_service_id = checkUserService($user_id, $service_id);
	//单独的联系人列表服务
	if ($service == "contact") {
		$groupArray = getGroup($user_id);
		if (count($groupArray) == 0) {
			$error_message = "<error>该用户未创建群组</error>\n";
			outPutXml($error_message);
		}
		$content = getContactList($groupArray);
		outPutXml($content);
	
	}
	
	if ($service_id == "") {
		$error_message = "<error>用户请求的服务不存在!</error>\n";
		outPutXml($error_message);
	}
	
	if ($user_service_id == "") {
		$error_message = "<error>该用户没有购买该服务!</error>\n";
		outPutXml($error_message);
	}

$content = checkLoginList($user_service_id,$service_id);
if ($content == "") {
	$error_message = "<error>用户在请求的服务下没有相应的帐号信息!</error>\n";
	outPutXml($error_message);
} else {
	getEncryptionAndDecryption($content);
	//outPutXml($content);
}

function getServiceCode($id){
	$sql = "select * from zy_service where service_id=".$id;
	$rs = mysql_query($sql);
	$row = mysql_fetch_array($rs);
	return $row['code'];
}

function checkMac($mac){
	$sql = "select * from zy_equipment where MacAddress='".$mac."'";
	$rs = mysql_query($sql);
	if($row = mysql_fetch_array($rs)){
		return $row;
	}
	return null;
}
function checkLogin($username, $password) {
	$sql = "select * from zy_user where user_name = '" . $username . "' and password = '" . $password . "' and isdelete=0";
	$result = mysql_query($sql);
	$rs = mysql_fetch_array($result);
	return $rs['user_id'];
}
function checkService($service) {
	$sql = "select * from zy_service where code = '" . $service . "'";
	$result = mysql_query($sql);
	$rs = mysql_fetch_array($result);
	return $rs['service_id'];
}
function checkUserService($user_id, $service_id) {
	$sql = "select * from zy_user_service where user_id = '" . $user_id . "' and service_id = '" . $service_id . "'";
	$result = mysql_query($sql);
	$i = 0;
	while($rs = mysql_fetch_array($result)){
		$row1[$i] = $rs['user_service_id'];
		//如果是iptv,就查一个浏览密码即可.
		if($service_id==14){
			return $row1;
		}
		$i++;
	}
	return $row1;

	
}
function checkValidate($user_service_id) {
	return true;
}

function checkLoginList($user_service_id,$service_id) {
	$content .= "<netcuberesult>\n";
	for($i=0;$i<count($user_service_id);$i++){
	$sql = "select * from zy_login_list where user_service_id = '" . $user_service_id[$i] . "'";
	$result = mysql_query($sql);
		while ($rs = mysql_fetch_array($result)) {
			$content .= "<result>\n";
			if($rs['field1']!="")
				$content .= "<id>".$rs['field1']."</id>\n";
			if($rs['field2']!="")
				$content .= "<username>".$rs['field2']."</username>\n";
			if($rs['field3']!="")
				$content .= "<password>".$rs['field3']."</password>\n";
			if($rs['field4']!="")
	 			$content .= "<field4>".$rs['field4']."</field4>\n";
	 		if($rs['field5']!="")
	 			$content .= "<field5>".$rs['field5']."</field5>\n";
	 		if($rs['field6']!="")
	 			$content .= "<field6>".$rs['field6']."</field6>\n";
	 		if($rs['field7']!="")
	 			$content .= "<field7>".$rs['field7']."</field7>\n";
	 		if($rs['field8']!="")
	 			$content .= "<field8>".$rs['field8']."</field8>\n";
	 		/*单独为smartrouting增加VPN Server的详细信息*/
	 		if($service_id==8){
	 			$vpn_sql="select * from zy_vpnlist where id=".$rs['field1'];
	 			$vpn_result=mysql_query($vpn_sql);
	 			if($row=mysql_fetch_array($vpn_result)){
	 				$content .= "<comment>".$row['comment']."</comment>\n";
	 				$content .= "<type>".$row['type']."</type>\n";
	 				$content .= "<server>".$row['server']."</server>\n";
	 				$content .= "<port>".$row['port']."</port>\n";
	 				$content .= "<protocol>".$row['protocol']."</protocol>\n";
	 				$content .= "<interface>".$row['interface']."</interface>\n";
	 				$content .= "<ca>".$row['ca']."</ca>\n";
	 			}
	 		}
			$content .= "</result>\n";
		}
	}
	$content .= "</netcuberesult>\n";
	return $content;
}
function getGroup($user_id) {
	$sql = "select * from zy_group where user_id = '" . $user_id . "'";
	$result = mysql_query($sql);
	$i = 0;
	while ($rs = mysql_fetch_array($result)) {
		$group[$i] = array (
			"group_name" => $rs['group_name'],
			"group_id" => $rs['group_id']
		);
		$i++;
	}
	return $group;
}
function getContactList($groupArray) {
	$content="";
	foreach ($groupArray as $group) {
			$content.="<group name=\"".$group['group_name']."\">\n";
			$sql = "select * from zy_contact where group_id = '" . $group['group_id'] . "'";
			$result = mysql_query($sql);
			while ($rs = mysql_fetch_array($result)) {
				$content.="<contact>\n"; 
				$content.="<name>".$rs['name']."</name>\n";
				$content.="<nickname>".$rs['nickname']."</nickname>\n";
				$content.="<address1>".$rs['address1']."</address1>\n";
				$content.="<address2>".$rs['address2']."</address2>\n";
				$content.="<phone1>".$rs['phone1']."</phone1>\n";
				$content.="<phone2>".$rs['phone2']."</phone2>\n";
				$content.="<fax1>".$rs['fax1']."</fax1>\n";
				$content.="<fax2>".$rs['fax2']."</fax2>\n";
				$content.="<email1>".$rs['email1']."</email1>\n";
				$content.="<email2>".$rs['email2']."</email2>\n";
				$content.="<remark>".$rs['remark']."</remark>\n";
				$content.="</contact>\n"; 
			}
			$content.="</group>\n";
		}
	return $content;
}
//输出XML
function outPutXml($content) {
	header("Content-type:text/xml");
	echo "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\" ?>\n";
	echo "<netcuberesult>\n";
	echo $content;
	echo "</netcuberesult>";
	die();
}

	//加解密数据
function getEncryptionAndDecryption($data){
  //加密算法MCRYPT_BLOWFISH
	$algorithm = MCRYPT_TWOFISH;
	//加密key;
	$key = '%UgBgVIZsJUrekYT@Ro5*um#%B9QY1';
	//被加密$data
	//加密模式
	$mode = MCRYPT_MODE_CBC;
	//$iv = mcrypt_create_iv ( mcrypt_get_iv_size ( $algorithm, $mode ), MCRYPT_RAND );
	//加密data
	$encrypted_data = mcrypt_encrypt ( $algorithm, $key, $data, $mode, 'Vl4++49AOAO3PJZt' );
	$plain_text = base64_encode ( $encrypted_data );
	//打印加密后的data
	echo $plain_text;
//
//	
//	$encrypted_data = base64_decode ( $plain_text );
//	//解密data
//	$decoded = mcrypt_decrypt ( $algorithm, $key, $encrypted_data, $mode, 'Vl4++49AOAO3PJZt' );
//	//打印解密后的data
//	echo "解密后的数据:".$decoded . "\n";
}
?>